Encrypted electronic messaging exchange

ABSTRACT

A computer-implemented system and method for secure electronic message exchange includes receiving an encrypted message between one of an inmate or an outside user. The message is transmitted between the users without decrypting the message at the server to ensure privacy. In various configurations, the message is stored at the server in encrypted form and a notification message is transmitted to a recipient. The recipient may then request retrieval of the message from the server. After being authenticated, the encrypted message is provided to the recipient without being decrypted at the server.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation Application of U.S. application Ser. No. 16/786,110 filed Feb. 10, 2020, which is a Continuation Application of U.S. application Ser. No. 16/175,202, filed Oct. 30, 2018, now U.S. Pat. No. 10,560,488, which is a Continuation Application of U.S. application Ser. No. 15/974,108, filed May 8, 2018, now U.S. Pat. No. 10,116,707, which is a Continuation Application of U.S. application Ser. No. 15/606,818, filed May 26, 2017, now U.S. Pat. No. 9,967,291, which is a Continuation Application of U.S. application Ser. No. 15/259,439, filed Sep. 8, 2016, now U.S. Pat. No. 9,667,663, which is a Continuation Application of U.S. application Ser. No. 14/457,593, filed Aug. 12, 2014, now U.S. Pat. No. 9,807,123, which is a Continuation Application of U.S. application Ser. No. 13/941,382, filed Jul. 12, 2013, now U.S. Pat. No. 9,680,878, which is a Continuation Application of U.S. application Ser. No. 12/802,641, filed Jun. 10, 2010, now U.S. Pat. No. 8,488,756, which is a Continuation Application of U.S. application Ser. No. 10/996,795, filed Nov. 24, 2004, now U.S. Pat. No. 7,742,581, the entire contents of which are herein incorporated by reference. Other related applications include U.S. application Ser. No. 15/620,986 filed Jun. 13, 2017, now U.S. Pat. No. 9,923,932, U.S. application Ser. No. 15/003,504 filed Jan. 21, 2016, now U.S. Pat. No. 9,787,724, U.S. application Ser. No. 14/457,604 filed Aug. 12, 2014, now U.S. Pat. No. 9,680,879, and U.S. application Ser. No. 14/457,616 filed Aug. 12, 2014, now U.S. Pat. No. 9,306,883, the entire contents of which are herein incorporated by reference.

FIELD OF THE INVENTION

The invention relates generally to the field of electronic messaging exchange in correctional institutions or similar facilities. In particular, the invention discloses the use of an electronic message exchange system with the capacity to monitor, control access, and bill for usage of such a system.

BACKGROUND OF THE INVENTION

As electronic messaging has become commonplace with the advent of the Internet in recent years, many institutions, such as prisons, nursing homes, mental institutions, etc., have the need to offer inmates or residents controlled electronic messaging exchange access. Common forms of interaction for inmates and residents with external parties include such mediums as site visits and telephonic communication. While both of these methods can be useful, electronic messaging can prove to be more effective and provides an alternative to the aforementioned mediums. For the purposes of simplicity, discussion will be limited to inmates within a correctional facility, but the discussion can easily be expanded to include residents of other institutions.

Site visits from an inmate's family, attorney, etc. are often not economically or physically possible. The inability of visitors to make site visits to the inmate results from such factors as the distance from and costs incurred to travel to the institution. In addition, it is costly and difficult for some institutions to provide monitoring and security for the visitors and inmates. As a result, an alternative method is necessary to allow controlled inmate communication with external parties.

An alternative to site visits, telephonic communication, poses other problems.

Some visitors may be several time zones away from the penal institution making telephonic communication difficult and even prohibitive. Additionally, telephonic communication between external parties and inmates can prove expensive. There are two common methods of payment available to inmates. In the first method, a collect call is placed to an acceptable outside party. In the second method, an inmate has an account in which money is deposited from a variety of sources and for each phone call; the cost of the call is then deducted from the account balance. The costs vary as a result of, inter alia, different service providers for different facilities. Usually the institutions contract a service provider to install, operate and maintain the facility's system. As a result, costs for calls within the penal institution are generally much more than for similar calls made outside of the institution.

From the standpoint of the institution, inmate telephone usage can prove expensive, as it is necessary to monitor and record the activities of each of the residents in order to properly charge each individual caller for his or her outgoing calls. There are three common methods for monitoring telephone calls: live monitoring, passive monitoring and monitoring via a standard recording device. One such system known in the art provides a computer-based telecommunication system for the purpose of allowing an institution to control, monitor, record and report usage and access to a telephone network. In addition, the institution controls whom the inmate can or cannot call.

Electronic messaging, such as emailing and instant messaging, has become prominent in recent years as a medium of information transfer. While there is good reason to provide inmates with electronic messaging access, there is also a necessity to control the inmate's access to sending and receiving electronic messages. There have been instances where email has been banned from prisons, even when received via a printed form, resulting from, inter alia, a lack of secure control methods. System control is necessary to prevent harassing messages to outside parties, to prevent fraudulent activities, etc. Therefore, systems in such environments must monitor and control the electronic messaging activity of each inmate. Systems should also have a means of maintaining electronic messaging records for each inmate. The system should include a means for communicating with emailed parties to enable the contacted parties to prevent future emails from inmates. The same holds true for instant messaging. In short, the communications system used in a regulated institution must employ unique monitoring and control functions often unnecessary in other types of electronic messaging exchange systems. Further, an exchange system in institutions should reduce the workload burden of the correctional facility while provide security through intelligence gathering capabilities.

In order for the methods of monitoring and control to be effective, it is important to prevent inmates from exploiting any loop-holes that can be used to bypass the control features of the system. This control is vital to ensure that the inmate does not access blocked addresses, for example, to perpetrate additional criminal activities or harass certain parties.

An electronic messaging system with restricted access should be able to perform the same functions as a normal electronic messaging system. The system should provide keyword scans, translation, file preparation, encryption, control over sent and received electronic messages to and from external sources, a billing method, etc. While there are systems that provide for some of these features, there is no system that provides a comprehensive solution for electronic messaging in a correctional facility. The present invention encompasses all the elements into a single system enabling a secure electronic messaging system to be utilized in penal institutions.

For example, systems are known in the art that filter unwanted, bulk, or junk emails, commonly referred to as “spam”. The filtering can be done by a variety of methods including: sender address, sender organization, recipient address, recipient organization, attachment type, and email message content type. Each of these filtering types can be used in order to reduce “spam”. The emails that pass the filtering process are then sent to a recipient or recipients. Potential “spam” is then stored in a separate location, where it is examined by either the potential recipient or a third party. If determined to be “spam”, it is deleted or moved to another folder. Another possibility is to have the potential “spam” automatically deleted without verification by a party.

A different system provides a methodology for a computerized telecommunications system for voice to text message storage for use in correctional facilities. This system receives an external message via either voice or text. There are two storage means: a voice message box or an email inbox. If a voice message is received, it passes as a regular telephonic voice message is then stored as a voice message in the voice message box. If instead, the storage unit is an email box and a voice message is received, the voice message is converted to text and the message is then saved. The reverse happens if the message is a text message and the storage medium is a voice message box. If a text message is received and the inmate has an email in box, then the text message is saved as text. The inmate is then notified of the new message. This system can also allow the inmate to send either a text or a voice message to an external party. If it is a voice message, then no conversion occurs and the message is sent. However, if an inmate's message is in the form of text, then either a text to voice conversion occurs before being sent to the outside party or the text message is sent via email to the external party. The invention is limited in the fact that it can only handle email or voice messages.

Yet another system known in the art provides a system and method for providing a sponsored or universal telecommunications service and third party payer services. The system discloses a method for providing a service for a sponsor to pay for communication via voice, data or multi-media services, on the behalf of others. The method further provides universal service for telecommunication voice and multimedia applications without tax or market subsidies.

In the view of the foregoing, a need exists for an inclusive method for allowing inmates access to electronic messaging systems. The present invention provides an alternative to site visits, telephonic and other forms of communication. It also offers a secure method for using electronic messages within a correctional or similar institution, including such features as monitoring, controlling, archiving and billing.

SUMMARY OF THE INVENTION

The invention embodies an electronic message exchange system for use in penal institutions, or similar facilities and institutions. It provides a combination of systems and services, which allow inmates and their outside contacts to communicate via written correspondence in an expedient manner. Further, the present invention includes the capability for sending and receiving messages via a telephone and converting them as the necessary to text or similar format. The present invention also reduces the workload of the correctional facility staff and offers increased security by providing intelligence gathering capabilities.

The invention is designed to provide routing and identification processing, content control, translation, file preparation, and encryption. Also, a method for billing of services rendered is included, in addition to controlling the communication limitations for the inmate through such methods as populating an allowed or disallowed contact list, and controlling the frequency, size and length of communications. It also features alert methods for sent and received messages.

The invention provides a secure barrier, referred to herein as the central service center or central station, through which messages are forwarded to the intended party. The central service center is designed to gather information from the messages and alert the appropriate officials of those messages that present concerns prior to being disseminated to the receiving party.

In addition, the central service center acts as the central processing center for incoming and outgoing messages. Its primary objective is to provide a centralized location capable of processing messages to and from approved accounts. In the preferred embodiment of the present invention, files are created as a result of the required processes of the institution and saved in an approved format (i.e., email, printed medium, voice message, or other similar types of formats). These files are then retrieved from or sent to the institution depending on the requirements. The service center also serves as a repository of all messages and of all primary data captured from those messages. Further, it serves as a web portal through which institutions and users can retrieve messages and data from those messages.

Additionally, the central service center is preferably located remotely from the institution. However, it is foreseeable that the central service center may be located at the institution. Outside contacts gain access to the central service center preferably via their existing Internet Service Provider (ISP). The service center provides secure web-based access via a user-friendly interface to each outside contact through the system's software, preferably residing on a server at the service center. In the preferred embodiment, once an account is created and payment means are established, the outside contact may log in to the central service center. After the outside contact logs in, he or she may view a received message and/or compose a message to his or her intended recipient, such as to an inmate. In the preferred embodiment, the outside contact's account is charged a monthly fee for the service. In an alternative embodiment, the outside contact's account is charged by an amount commensurate with the charges for each message. The payment method may be pre-paid or the account can be charged for later billing. These methods will vary and are customizable based on the institution's requirements.

Furthermore, the central service center processes messages using various criteria, including, but not limited to, the intended recipient, keyword searches, language translation, suspect criteria, etc. Once these processes have been performed, files containing the appropriate information (i.e., a message to an inmate including necessary identification information about the sender and the recipient) are forwarded to a site server or multifunction device designated for the system, preferably located at the institution. The institution's staff has an opportunity to view the messages according to their desired priorities prior to allowing the messages to be delivered to their intended party. Additionally, the central service center also provides intelligence gathering and reporting capabilities, which are made available through various screens in the system software. Administrators can access the system locally or remotely via the Internet. Certain aspects of the central service center may alternatively be incorporated into a site server, if supplied.

The invention also provides several methods of inputting text, including, but not limited to, a computer terminal, fax and written correspondence. In addition, an inmate may leave a voice message, which is then preferably converted to text. Safe terminals may be provided for the inmate population, which allow inmates to type outgoing messages and view incoming messages. In this embodiment, the safe terminals are preferably completely isolated from the Internet, connected only to the site server, and only capable of accessing the secure system software. If an inmate handwrites a message, the message is scanned and sent to the appropriate contact. Further, messages received from outside contacts may be printed onsite and once the message is approved for viewing, the printed message is sent to the inmate.

In an alternative embodiment, an integrated system is used for both instant messaging and email, which allows inmates direct access to terminals for sending and receiving messages. In yet another different embodiment, two separate systems exist, one for instant messaging and one for email purposes. These embodiments also have a secure site (similar to the preferred embodiment) that both inmates and external parties log into in order to communicate with each other. Further, administrators can remotely access and manage the site.

When safe terminals are incorporated into the system, the system preferably utilizes a secure user name and password for user authentication. In this embodiment, the institution pre-determines the user name and password, with the password preferably changing after a fixed interval of time or if tampering is suspected. However, to one of ordinary skill in the art, it is apparent that other forms of security measures can easily be implemented including such methods as radio frequency identification (RFID), and various biometric features. These methods can be used alone or in conjunction with any of the other security measures.

In the preferred embodiment, each inmate has a unique recipient address or user identification that external parties can send a message to. When an outside party attempts to send an electronic message to an inmate, a series of control measures occur. The sender address is checked for authenticity and to ensure that the sender is an acceptable contact for the inmate. The acceptable contact list can be maintained via an “allowed contact list” or via a “disallowed contact list”. The allowed and disallowed lists may also be used in conjunction with each other. Content control is managed as the message itself is scanned for certain keywords and phrases. If a keyword or phrase is found, the message is flagged and sent to the service center or institution for manual examination. The message is translated as necessary, and the files are prepared and encrypted. After passing through the control measures, the message is then routed to the appropriate institution for viewing on the secure terminal or printing on the multifunction device. To one knowledgeable in the art, other authentications and control measures can be easily implemented. For outgoing inmate messages, a series of authentications is also performed similar to that of incoming messages.

The invention alerts the inmate of received messages preferably via the same method used by the institution for received mail. Also, the actual message may be delivered with the mail via a printed medium. In an alternative embodiment, the inmate is alerted after he or she successfully logs into a secure terminal, such as the aforementioned safe terminal. In yet a different embodiment, the inmate is notified on closed circuit monitors that display a list of the inmates that have new messages.

The preferred embodiment of the invention allows external users access to set up an account. It provides security checks for authorizing the external user. After the account is set up by the external party, the account holder can communicate via written messages with the desired inmate. The invention further preferably provides a maximum limit to the amount of communication between the parties. In the preferred embodiment, the external party's account is billed a monthly service fee.

In an alternative embodiment, each inmate has a registered account (as opposed to the account being registered to the external party). When the account is accessed and email is sent, the cost of the email is then deducted from the account balance. Payment occurs from such methods as pre-paying or billing after-the-fact for usage. A similar method can be implemented for instant messaging. Charges can be accrued based on measures such as total number of words, total number of lines, a fixed rate for each message sent or a rate for the time the inmate is logged in, etc.

The invention archives all incoming and outgoing messages through an automated storage database. This database can be searched in a variety of ways to retrieve desired information, except for restricted or privileged communications that are protected by the attorney-client privilege. These electronic messages are locked except to the authorized parties.

In the current embodiment of the invention, when an inmate sends a message to an approved address, the recipient receives an email notification from an automated administrator stating that the inmate wishes to send the recipient a message. If the recipient desires to receive the message, he or she then logs onto a secure site via the Internet, enters the appropriate security identification and views the message. The recipient is required to set up an account for the purposes of monitoring the messages sent and received. Also, the account is preferably billed based on a monthly service fee. All forms of forwarding or copying the message to anyone other than the original recipient are prevented. The external recipient then has the option of sending an email back to the inmate. Recipients can also choose to remove the inmate from their list, preventing the inmate from future contact with said recipient.

When instant messaging is allowed by the institution, an inmate who wishes to have an instant message conversation with an approved external party sends a message to the external party through the secure site and if the party accepts, the outside party then logs onto the secure site where the instant messaging conversation then occurs. If the external party does not respond, the inmate has the option of sending a message to attempt to set up a date and time to hold the conversation. The message sent from the inmate to the outside party can be sent to an email address or an outside instant messaging platform.

Therefore, it is an object of the invention to provide a comprehensive electronic message exchange system for use in penal or similar institutions.

It is also an object of the invention to provide secure written correspondence to and from an inmate in a secure facility.

A different object of the invention is to provide means for leaving a voice message and converting the voice message to text for viewing.

It is another object of the invention to provide a secure platform from which electronic messaging can occur.

It is yet another object of the invention to provide security authentication for inmates and external parties.

It is still another object of the invention to provide translation for incoming or outgoing messages.

It is also an object of the invention to control the list with whom an inmate can electronically converse.

Additionally, it is an object of the invention to prevent messages from being forwarded to any additional parties by the recipient of the message.

It is a further object of the invention to encrypt the incoming and outgoing messages within the electronic message exchange system.

Furthermore, it is an object of the invention to provide content control for messages via such methods as keyword and phrase scanning.

It is still another object of the invention to provide alerts for the inmate upon receiving a message from an external party.

It is a further object of the invention to provide a billing method for services rendered while using the electronic message system.

It is another object of the invention to reduce institutional staff resources required for correspondence purposes.

Further, it is an object of the invention to provide the appropriate, personnel with means to search for and view incoming and outgoing messages.

Finally, it is an object of the invention to archive and store all messages in a database and to mark all protected messages for such reasons as attorney-client privilege, thus making them inaccessible except to those with the authority to access them.

Other objects, features, and characteristics of the invention, as well as methods of operation and functions of the related elements of the structure, and the combination of parts and economies of manufacture, will become more apparent upon consideration of the following detailed description with reference to the accompanying drawings, all of which form part of this specification.

BRIEF DESCRIPTION OF THE DRAWINGS

A further understanding of the invention can be obtained by reference to a preferred embodiment set forth in the illustrations of the accompanying drawings. Although the illustrated embodiment is merely exemplary of systems for carrying out the invention, both the organization and method of operation of the invention, in general, together with further objectives and advantages thereof, may be more easily understood by reference to the drawings and the following description. The drawings are not intended to limit the scope of this invention, which is set forth with particularity in the claims as appended or as subsequently amended, but merely to clarify and exemplify the invention.

For a more complete understanding of the invention, reference is now made to the following drawings in which:

FIG. 1 is a block diagram of the preferred embodiment of the invention depicting the electronic message exchange system.

FIG. 2 is a flow chart of the preferred process of the invention illustrating an external party sending messages to an inmate and viewing messages sent by an inmate.

FIG. 3 depicts a flow chart of the preferred process of the invention whereby an inmate sends a message to an external party.

FIG. 4A depicts a block diagram of an alternative embodiment for the electronic messaging exchange system allowing inmates direct access to user workstations.

FIG. 4B depicts a block diagram of an alternative embodiment illustrating a universal control system for incorporation of a telephonic communications system in conjunction with the electronic messaging exchange system.

FIG. 5 is a flow chart of an alternative process of electronic message exchange between an inmate and an external party according to the present invention when inmates are provided direct access to user workstations.

FIG. 6 shows a flow chart of an alternative process for electronic message exchange from an external party to an inmate according to the invention when inmates are provided direct access to user workstations.

DETAILED DESCRIPTION OF THE DRAWINGS

As required, a detailed illustrative embodiment of the invention is disclosed herein. However, techniques, systems and operating structures in accordance with the invention may be embodied in a wide variety of forms and modes, some of which may be quite different from those in the disclosed embodiment. Consequently, the specific structural and functional details disclosed herein are merely representative, yet in that regard, they are deemed to afford the best embodiment for purposes of disclosure and to provide a basis for the claims herein, which define the scope of the invention. The following presents a detailed description of the preferred embodiment of the invention (in addition to some alternative embodiments).

Starting first with FIG. 1, depicted is a block diagram of the preferred embodiment of the invention illustrating the structural set up of the electronic message exchange system. When an inmate desires to send a message to an external party, the inmate goes to inmate composition station 102 located at institution site 100. In the preferred embodiment, an inmate composes a hand-written or typed text message on a preprinted form. On this form, the inmate fills out his or her personal registration number and the account number, which the inmate wishes the message to be sent to. The account number is associated with an outside contact that has set up an account for access to the system. In an alternative embodiment, an inmate may leave a voice message, which is then converted to text. One of skill in the art will recognize that this conversion can easily be incorporated into the system. Also, the inmate may alternatively have access to a workstation for sending and receiving messages. The system preferably charges the outside contact a monthly fee for the ability to use the system, although other billing methods are foreseeable. The number of messages sent and received by the external party is configurable to meet the security and workload needs of each individual institution. For example, in the present embodiment each external party may send “n” messages and receive “n” messages from each inmate on their list where “n” is an integer. For instance, if an outside contact desires communication with two inmates, then the outside contact is allowed to send “n” messages to each inmate and receive “n” messages from each inmate, for a total of “4n” messages, “2n” for each inmate.

After the inmate composes the message at inmate composition station 102 located at institution site 100, the message is sent to multi-function unit (MFU) 104. Preferably, MFU 104 is located in the institution's mailroom, but other locations are foreseeable. The inmate messages are loaded into MFU 104. MFU 104 scans the messages and the messages are electronically sent to central station 106. Central station 106 is preferably located remote to the institution and is preferably connected to MFU 104 via an Internet Protocol (IP) connection. At central station 106, conversion engine 108 converts the written or typed text messages received from MFU 104 into digital data that can be processed by server 110. Although only one server 110 is pictured, multiple servers may be used commensurate with the amount of data requirements: Central station 106 further includes such elements as routers and data services via local telephone company provided circuits (not shown in FIG. 1).

The aforementioned conversion can be done by such means, including, but not limited to, optical character recognition (OCR) and intelligent character recognition (ICR). Once conversion engine 108 converts the message as necessary, server 110 at central station 106 associates each message with the intended recipient and the message sender. Server 110 checks to see if the attempted message exchange is acceptable. Server 110 also checks to ensure that the intended recipient and the inmate are authorized to communicate. It further provides keyword and phrase scans of the messages. In the preferred embodiment, the site staff are allowed to view messages and approve the before sending the message to the recipient. Additionally, the system notifies the intended recipient of the message that the inmate has sent a message and provides for secure access and user log in for the recipient to view the message from the inmate and compose messages to the inmate.

The system preferably provides secure socket layer (SSL) protection of data sent to and received from server 110. The typed or written text messages are stored as an image or converted to another format as required and made available for viewing by the intended recipient on server 110. Server 110 provides a user-friendly interface for viewing and composing messages preferably via the Internet. It enables users to set up accounts and provides for billing for system usage. Server 110 also is capable of providing such features including, but not limited to, language translation, file encryption, filtering, file storage and file preparation. Finally, messages received by the external party or the inmate are blocked from being forwarded, copied, etc.

Next, FIG. 2 depicts a flow chart of the preferred process of the invention illustrating both an external party sending messages to an inmate and viewing messages sent by an inmate. Initially, an external party attempts to access the secure system preferably via an Internet browser (step 200). The system provides a user-friendly interface for message viewing and composition. If the user has not yet set up an account, the user enters a new account request (step 202). The system then performs an authentication check of the potential account holder to ensure, inter alia, whether the user is an acceptable contact for the inmate (step 204). If the user passes the authentication step, the user is assigned a random account number (step 206).

The user is then prompted to choose a password (step 208). Other authentication means are foreseeable as well, such as a personal identification number (PIN) or biometric identification means. Using the account number and password, the user logs into the system (step 210). If the user already has an account when he or she initially attempts to log into the system (step 200), the user proceeds directly to the log in step (step 210). After successful log in, the user views messages received from the inmate or composes messages to be sent to the inmate (step 212). The system then provides security checks (step 214) whereby the message is checked for such things as keywords, and content. If the message passes the security checks, it is then sent to the institution (step 220). If, however, the message fails the security checks, it is sent to an administrator (step 216). At this point, the message and all other relevant file data are stored in a database (step 218). The system preferably bills the appropriate account a monthly service fee. In alternative embodiments, other billing methods, such as billing for the number of messages sent or for message length, may be utilized. The preceding processes are preferably performed by server 110 located at central station 106. However, it is foreseeable that other servers or devices can be utilized to perform these functions. The message is sent to MFU 104 where the message is converted to a viewing format as required by the institution (step 220). The administrator preferably views the message and decides whether to allow the sending of the message (step 222). If the message passes the administrator check, the inmate is notified (step 224) and the inmate reads the message (step 226). If the message fails the administrator's check, it is blocked from the inmate (step 228).

FIG. 3 depicts a flow chart of the preferred process of the invention whereby an inmate sends a message to an external party. First, the inmate composes a message at inmate composition station 102 located at institution site 100 (step 300). As previously discussed, this message is preferably either hand written or typed and contains the necessary information regarding the inmate and the potential recipient. However, it is foreseeable that the inmate may leave a voice message or similar which is then converted as necessary. In addition, the inmate may have direct access to a safe terminal or workstation for message composition. After the inmate completes the message, the message is sent to MFU 104. The message is scanned by MFU 104 and sent to conversion engine 108 located at central station 106 (step 302). The message is converted to a format appropriate for transmission to the recipient by conversion engine 108. Conversion engine 108 converts the message using such means as OCR or ICR. Next, security checks are performed on the message (step 304), which include, inter alia, making sure the recipient is an acceptable contact, keyword and phrase scan, and file preparation. If the message fails to pass the security checks (step 304), an administrator is notified (step 306), and the message is stored in a database (step 310). Further, the system preferably charges the appropriate account a service fee monthly.

If the message instead passes the security check (step 304), the system sends a notification to the recipient stating that a new message from the inmate is available for viewing over the secure system site (step 308) and the message is stored (step 310). The recipient logs into the secure site preferably via an Internet browser (step 312) and views the message (step 212). The recipient also has the option of sending a message to the inmate at this point. If the recipient chooses to do so, the recipient then proceeds to compose a message (step 212).

FIG. 4A shows a block diagram of the basic set up of the electronic message exchange system according to an alternative embodiment of the invention. Computer control platform 401 is connected to the user workstations 403 a-n and the external third parties 405 a-n via connections 407 a-n and 409 a-n, respectively. Computer control platform 401 can be local or remote to the user workstations. Connections 407 a-n can be either cable or wireless. In addition, connections 407 a-n can be a Wide Area Network (WAN), a Local Area Network (LAN) connection, etc. Connections 409 a-n connects the computer control platform 401 to the external third parties 405 a-n via the Internet.

Computer control platform 401 is monitored and controlled, either actively or passively, by an administrator. Computer control platform 401 contains one or more servers, which processes the electronic messages, prepares and routes the electronic messages, performs security checks and encrypts the electronic messages. It also stores the electronic messages. In addition, computer control platform 401 prepares notifications to send to either the inmate or the external third party. It also has a secure platform for communication between the inmate and third party. Both the inmate and third party use this platform to send messages back and forth. Further, administrators can remotely or locally access the system via a workstation (not shown). In the remote access set up, the administrator accesses the system via the Internet to perform various administrative functions (i.e., viewing messages, setting control parameters, performing database searches, printing reports, etc.).

FIG. 4B depicts a block diagram of another alternative embodiment of the invention. In addition to enabling electronic messaging, this alternative embodiment provides a telephonic communication platform as is known in the art. Also, the system enables users to send and receive voice messages. Further, the system converts the messages from voice to a variety of text formats and from a variety of text formats to voice as necessary. Central control platform 511 contains central computer control platform 523 and central telephone control platform 521. Central computer control platform 523 performs the same functions as the aforementioned computer control platform 401. Central computer control platform 523 is connected to user workstations 503 a-n and third party workstations 509 a-n via connections 515 a-n and connections 519 a-n, respectively. Connections 515 a-n may be cabling or wireless. Also, connections 515 a-n can be a WAN connection, a LAN connection, etc. Connections 515 a-n connect computer control platform 523 to the external third parties 509 a-n via the Internet.

Computer control platform 523 is monitored and controlled, either actively or passively, by an administrator. The administrator may perform various administrative functions via a local workstation (not shown) or remotely by accessing the system via the Internet. Computer control platform 523 contains one or more servers, which processes the electronic messages, prepares and routes the electronic messages, performs security checks and encrypts the electronic messages. It also stores the electronic messages. In addition, computer control platform 523 prepares notifications to send to either the inmate or the external third party. It also has a secure platform for communication between the inmate and third party. Both the inmate and third party use this platform to send messages back and forth.

Central control platform 511 also contains central telephone control platform 521. Central telephone control platform 521 connects user telephonic communication devices 501 a-n with external party telephonic communication devices 507 a-n via connections 513 a-n and 517 a-n, respectively. Central telephone control platform 521 enables inmates to telephonically communicate with an external third party. Central telephone control platform 521 provides for control, monitoring, and billing. Further, central control platform 511 enables conversion between voice and text messages. For example, if the system receives a voice message, the system can convert the voice message to a text format for viewing.

FIG. 5 depicts a flow chart of an alternative process showing the electronic messaging exchange between the inmate and the external party. As shown, the process begins with an inmate's attempt to log into the secure platform (step 101). The site then prompts for the inmate to enter a provided user name and password (step 103), although to one skilled in the art, other security measures such as biometrics, radio frequency identification (RFID), etc. can be used “instead of or in conjunction with a user name and password. Next, the user authentication is checked (step 105). If the user is authenticated, the process continues where the inmate is asked to choose whether he or she would like to instant message (IM) or email an external party (step 107). If the user is not authenticated, the user is again prompted to enter the user name and password (step 119). If the user is authenticated on this second attempt, then the user is asked whether he wants to send an IM or email (step 107).

If, however, the inmate again incorrectly inputs the proper identification, the session terminates and an administrator may be electronically notified (step 121). When this second attempt failure occurs, the session is checked to see if the user ever logged in (step 129). If the user was not logged in, then the system is exited (step 131). Preferably, a monthly service fee is charged to the appropriate account. However, fees can be also be charged based on a variety of different methods, including, but not limited to, a charge per email or IM, a per minute charge, or a charge for the length of messages sent or received. Also, the system may be set up such that a third party can pay for the email or IM communication. Once messages have been archived (step 117), the system exits (step 131).

The system can be configured to allow only one log on attempt. Also, the system may be configured to allow for more than one attempt. Both of these can be controlled at the administrator's option. Additionally, the system may be triggered to automatically monitor or record communication after a certain number of attempts rather than terminate the session. Further, the system can be set to monitor or record any session that the administrator desires, such as for certain users that have previously attempted to engage in criminal activity via the system.

The inmate decides whether to email or IM and the inmate writes either an email (step 109) or an IM (step 123). If the inmate chooses to compose an email, after the inmate writes the email, it is subjected to security measures including a content check and authentication that the potential recipient has an acceptable address (step 111). If the email passes through security, an email notification is sent to the recipient containing a log in identification, password and directions to a secure site that he or she can visit to view the sent message (step 113). The inmate is then prompted to log out (step 115). If the inmate chooses instead to continue, the process reverts back. The inmate is prompted to choose whether to IM or email (step 107). If the inmate logs out, the messages are archived (step 117). If the email fails to pass the security check (step 111), the session is terminated and the administrator is notified (step 121). In addition, at this point, a check of whether the user was logged in and if messages were sent occurs (step 129) and if verified, and messages are archived (step 117). If the message is confidential as protected by attorney-client privilege, it is locked so that it cannot be accessed by unauthorized sources.

If the inmate chooses to write an IM instead of an email (step 107), the inmate writes an IM and attempts to send it (step 123). The instant message is subjected to the same security measures as an email (step 125). If the message fails to pass, the session is terminated and the administrator is notified (step 121). Next, the system checks to see if the user was logged in and if any messages were sent (step 129). If yes, the messages are archived and stored (step 117) and the system exits (step 131). When an IM passes the security constraints (step 125), a message is sent to the external recipient (step 127).

After the message is sent (step 127), the contacted external party is notified of the attempted contact by the inmate (step 141). For example, the external party can be notified of the attempted contact by the inmate, through an email, or via a third-party instant messaging platform. The response can result in three different scenarios. The first is that there is no reply from the external party after a set interval of time (step 133). When this occurs, the user is prompted to log out or continue and attempt another electronic message exchange (step 115). Additionally, the user has the option of sending another message to the external party to set up a time and date when he or she wishes to hold a future IM conversation. If the user logs out, messages are archived and stored as previously discussed (step 117). If instead the inmate decides to attempt another message, the user is prompted to choose if he or she wants to write an email or IM (step 107).

The second possibility when the external party is notified is that the external party declines the conversation and the administrator is notified (step 143). The user is prompted to log out or continue (step 115) and the process continues.

The final possibility is that the external party accepts the invitation to join the inmate in an instant messaging conversation (step 135). Further, the external party logs into the secure site and a conversation ensues. The conversation is monitored via such methods as word spotting. If inappropriate conversation ensues, the conversation is terminated immediately (step 137). If not, the conversation continues for a set length of time, after which the system terminates the conversation. The user is then prompted to log out (step 115) and the loop repeats.

The system can be also be configured to automatically log out after a user has been logged in for a set time period. In this embodiment, the system is also set to notify the user at given intervals to warn the user of the remaining time before automatic log out occurs.

FIG. 6 depicts an alternative process whereby an external party messages an inmate (step 301). The message goes through a security check (step 303). The security check may include both manual and automated security checks. The external party is verified as an acceptable contact for the inmate and the sender address is authenticated through such methods as a digital signature. If the message fails the security check, the administrator receives the message (step 315). Conversely, if the message passes the security checks, the system sends the message to the inmate (step 305). Next, the inmate is notified of the new message (step 307). The inmate then logs into the system and reads or sends messages (step 309), preferably following the same process as in FIG. 2. After completing the session, the inmate logs out (step 311). The messages are archived and stored (step 313).

While the invention has been described with reference to the preferred embodiment and several alternative embodiments, which embodiments have been set forth in considerable detail for the purposes of making a complete disclosure of the invention, such embodiments are merely exemplary and are not intended to be limiting or represent an exhaustive enumeration of all aspects of the invention. The scope of the invention, therefore, shall be defined solely by the following claims. Further, it will be apparent to those of skill in the art that numerous changes may be made in such details without departing from the spirit and the principles of the invention. It should be appreciated that the invention is capable of being embodied in other forms without departing from its essential characteristics. 

What is claimed is:
 1. A messaging platform in communication with an inmate communication device for processing text-based messages involving an inmate of a controlled environment facility, comprising: a messaging platform database; a transceiver; and one or more processors configured to: wirelessly receive an encrypted message between the inmate of the controlled environment facility and an external party external to the controlled environment facility; store a copy of the encrypted message in the messaging platform database for later retrieval; send a notification to a message recipient that the encrypted message is available for retrieval; receive a retrieval request from the recipient for the encrypted message; provide the encrypted message to a recipient device associated with the recipient in response to the retrieval request; and authenticate the recipient in response to receiving the retrieval request and personal identification information from the recipient.
 2. The messaging platform of claim 1, wherein the encrypted message is provided to the recipient device in encrypted form.
 3. The messaging platform of claim 1, wherein the encrypted message is stored in the messaging platform database in encrypted form.
 4. The messaging platform of claim 1, wherein the authenticating includes: retrieving previously-stored authentication information from the database; and comparing the received personal identification information to the previously-stored authentication information.
 5. The messaging platform of claim 1, wherein the providing of the encrypted message to the recipient device includes transmitting the encrypted message to the recipient device.
 6. The messaging platform of claim 1, wherein the providing of the encrypted message to the recipient device includes decrypting the encrypted message and sending the decrypted message to the recipient device.
 7. A method for processing text-based messages involving an inmate of a controlled environment facility, the method comprising: wirelessly receiving an encrypted message between an inmate communication device associated with the inmate and an external device associated with an external party external to the controlled environment facility; storing a copy of the encrypted message in a messaging platform database for later retrieval; sending a notification to a message recipient that the encrypted message is available for retrieval; receiving a retrieval request from the recipient for the encrypted message; providing the encrypted message to a recipient device associated with the recipient in response to the retrieval request; and authenticating the recipient in response to receiving the retrieval request and personal identification information from the recipient.
 8. The method of claim 7, wherein the encrypted message is stored in the messaging platform database in encrypted form.
 9. The method of claim 7, wherein the encrypted message is provided to the recipient device in encrypted form.
 10. The method of claim 7, wherein the authenticating includes: retrieving previously-stored authentication information from the database; and comparing the received personal identification information to the previously-stored authentication information.
 11. The method of claim 7, wherein the providing of the encrypted message to the recipient device includes transmitting the encrypted message to the recipient device.
 12. The method of claim 7, wherein the providing of the encrypted message to the recipient device includes: decrypting the encrypted message; and sending the decrypted message to the recipient device.
 13. A wireless communication device configured to provide message exchange involving an inmate of a controlled environment facility, the wireless communication device comprising: a user interface device configured to display message information to a user of the wireless communication device; an input device configured to receive input commands from the user; a transceiver configured to transmit and receive signals with a messaging platform; and one or more processors configured to: receive a message and a message recipient identifier from the user via the input device, the message recipient identifier identifying one of the inmate of the controlled environment facility or an external party external to the controlled environment facility; encrypt the received message; generate a message package for transmission to the messaging platform, the message package including the encrypted message and the recipient identifier; cause the transceiver to transmit the message package to the messaging platform; and receive a notification from the messaging platform that an incoming message designated for the user has been received.
 14. The wireless communication device of claim 13, wherein the message is a text-based message.
 15. The wireless communication device of claim 13, wherein the one or more processors are further configured to: receive an instruction from the user via the input device to request retrieval of the incoming message from the messaging platform; and cause the transceiver to transmit a retrieval request to the messaging platform in response to the receiving of the instruction.
 16. The wireless communication device of claim 15, wherein the one or more processors are further configured to: receive an incoming message package from the messaging platform in response to the transmitting of the retrieval request, the incoming message package including an encrypted incoming message; decrypt the encrypted incoming message; and display the decrypted incoming message to the user via the user interface.
 17. The wireless communication device of claim 15, wherein the one or more processors are further configured to: receive a stream of incoming message data from the messaging platform that includes decrypted incoming message data; and display the received incoming message data to the user via the user interface. 